Accepted strongswan 5.2.1-6+deb8u8 (source all amd64) into oldstable
Format: 1.8
Date: Tue, 02 Oct 2018 10:56:21 +0100
Source: strongswan
Binary: strongswan libstrongswan libstrongswan-standard-plugins libstrongswan-extra-plugins libcharon-extra-plugins strongswan-dbg strongswan-starter strongswan-libcharon strongswan-charon strongswan-ike strongswan-nm strongswan-ikev1 strongswan-ikev2 charon-cmd
Built-For-Profiles: nocheck
Architecture: source all amd64
Version: 5.2.1-6+deb8u8
Distribution: jessie-security
Urgency: high
Maintainer: strongSwan Maintainers
Changed-By: Chris Lamb
Description:
 charon-cmd - standalone IPsec client
 libcharon-extra-plugins - strongSwan charon library (extra plugins)
 libstrongswan - strongSwan utility and crypto library
 libstrongswan-extra-plugins - strongSwan utility and crypto library (extra plugins)
 libstrongswan-standard-plugins - strongSwan utility and crypto library (standard plugins)
 strongswan - IPsec VPN solution metapackage
 strongswan-charon - strongSwan Internet Key Exchange daemon
 strongswan-dbg - strongSwan library and binaries - debugging symbols
 strongswan-ike - strongSwan Internet Key Exchange daemon (transitional package)
 strongswan-ikev1 - strongSwan IKEv1 daemon, transitional package
 strongswan-ikev2 - strongSwan IKEv2 daemon, transitional package
 strongswan-libcharon - strongSwan charon library
 strongswan-nm - strongSwan plugin to interact with NetworkManager
 strongswan-starter - strongSwan daemon starter and configuration file parser
Changes:
 strongswan (5.2.1-6+deb8u8) jessie-security; urgency=high
 .
   * CVE-2018-17540: Fix a denial-of-service vulnerability in the GMP plugin.
     Verification of a signature with a very short RSA public key caused an
     integer underflow in a length check that results in a heap buffer
     overflow.
[SECURITY] [DLA 1528-1] strongswan security update
Package: strongswan
Version: 5.2.1-6+deb8u8
CVE ID : CVE-2018-17540

It was discovered that there was a denial-of-service vulnerability in
strongswan, a virtual private network (VPN) client and server.

Verification of an RSA signature with a very short public key caused
an integer underflow in a length check that resulted in a heap buffer
overflow.

For Debian 8 "Jessie", this issue has been fixed in strongswan version
5.2.1-6+deb8u8.

We recommend that you upgrade your strongswan packages.

Regards,

--
Chris Lamb
la...@debian.org / chris-lamb.co.uk
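The bug class named in the advisory above, an unsigned length check that underflows when the RSA key is very short, shown next to a hardened check. This is an added illustration and not strongSwan's code; the function names and the PKCS#1 v1.5-style layout with its 11-byte minimum overhead are assumptions.

```c
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* 00 01 | at least 8 x FF | 00 precede the payload T (RFC 8017, 9.2). */
#define PKCS1_OVERHEAD 11

/* Flawed check: keylen is unsigned, so for keylen < 11 the subtraction
 * wraps to a huge value and every payload length is accepted. A caller
 * that then allocates keylen bytes and pads/copies writes past the heap
 * buffer. */
int fits_unsafe(size_t keylen, size_t tlen)
{
    return tlen <= keylen - PKCS1_OVERHEAD;
}

/* Hardened check: reject short moduli before subtracting. */
int fits_safe(size_t keylen, size_t tlen)
{
    return keylen >= PKCS1_OVERHEAD && tlen <= keylen - PKCS1_OVERHEAD;
}

/* Build EM = 00 01 FF..FF 00 T in a keylen-sized heap buffer.
 * Returns NULL when T does not fit; the caller frees the result. */
unsigned char *encode_em(size_t keylen, const unsigned char *t, size_t tlen)
{
    unsigned char *em;
    size_t padlen;

    if (!fits_safe(keylen, tlen))
        return NULL;
    em = malloc(keylen);
    if (!em)
        return NULL;
    padlen = keylen - tlen - 3;   /* >= 8 because of the check above */
    em[0] = 0x00;
    em[1] = 0x01;
    memset(em + 2, 0xFF, padlen);
    em[2 + padlen] = 0x00;
    memcpy(em + 3 + padlen, t, tlen);
    return em;
}

int main(void)
{
    /* Constructed sizes: an 8-byte modulus and a 32-byte payload. */
    printf("unsafe accepts: %d\n", fits_unsafe(8, 32));
    printf("safe accepts:   %d\n", fits_safe(8, 32));
    return 0;
}
```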
Re: [SECURITY] [DLA 1527-2] ghostscript regression update
Removed:
ghostscript 9.06~dfsg-2+deb8u9
ghostscript-dbg 9.06~dfsg-2+deb8u9
ghostscript-doc 9.06~dfsg-2+deb8u9
ghostscript-x 9.06~dfsg-2+deb8u9
libgs-dev 9.06~dfsg-2+deb8u9
libgs9 9.06~dfsg-2+deb8u9
libgs9-common 9.06~dfsg-2+deb8u9

Upgraded.

On Mon, Oct 01, 2018 at 03:20:53PM +0200, Markus Koschany wrote:
> Package: ghostscript
> Version: 9.06~dfsg-2+deb8u10
> Debian Bug : 90
>
> Berkeley Roshan Churchill reported a regression for the recent
> security update for ghostscript, announced as DLA-1527-1, caused by an
> incomplete fix for CVE-2018-16543. The pdf2ps tool failed to produce
> any output and aborted with /rangecheck in .installpagedevice error.
>
> For Debian 8 "Jessie", this problem has been fixed in version
> 9.06~dfsg-2+deb8u10.
Re: Firefox-esr 60?
Hi,

On 16/09/2018 21:57, Markus Koschany wrote:
>
> On 16.09.2018 at 21:51, Ola Lundqvist wrote:
>> Hi
>>
>> Do you mean 60.2? I do not see any critical vulnerabilities fixed in 60.
>>
>> I see a note that we need to go up to 60.x release once the 52 release
>> goes end of life.
>
> Emilio is currently working on an update. FF 52 is EOL now. The update
> is complicated because we have to backport a new toolchain (e.g. rust)
> to compile Firefox in Jessie. However we are committed to maintain
> Firefox ESR in Jessie.

Quick status update: LLVM is now in NEW, I will continue with the rest
of the toolchain until I can get firefox updated. ETA end of this week.

Cheers,
Emilio